diff options
| author | Luiz Augusto von Dentz <luiz.von.dentz@intel.com> | 2020-11-11 14:42:36 -0800 |
|---|---|---|
| committer | Luiz Augusto von Dentz <luiz.von.dentz@intel.com> | 2020-11-13 15:12:15 -0800 |
| commit | 39dd929f539964a62e6aaa6e4832863fa9f54127 (patch) | |
| tree | 674c2d4f501891b61504ffa9976a720f01df19d5 /emulator/bthost.c | |
| parent | 90cf5bf7748bb97da0355c4e081c193be8b57b45 (diff) | |
| download | bluez-39dd929f539964a62e6aaa6e4832863fa9f54127.tar.gz | |
bthost: Fix sending uninitilized data
Syscall param writev(vector[...]) points to uninitialised byte(s)
at 0x4A8A497: writev (in /usr/lib64/libc-2.31.so)
by 0x1365C1: send_packet (bthost.c:509)
by 0x1365C1: send_packet (bthost.c:492)
by 0x1365C1: next_cmd (bthost.c:737)
by 0x137578: evt_cmd_complete (bthost.c:882)
by 0x137578: process_evt (bthost.c:1343)
by 0x137578: bthost_receive_h4 (bthost.c:2414)
by 0x12DF49: receive_bthost.part.0 (hciemu.c:134)
by 0x48B978E: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x48B9B17: ??? (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x48B9E32: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x14A664: mainloop_run (mainloop-glib.c:66)
by 0x14AA41: mainloop_run_with_signal (mainloop-notify.c:188)
by 0x149A7B: tester_run (tester.c:871)
by 0x129C77: main (mgmt-tester.c:10219)
Address 0x4c48c05 is 21 bytes inside a block of size 280 alloc'd
at 0x483CAE9: calloc (vg_replace_malloc.c:760)
by 0x136487: queue_command (bthost.c:472)
by 0x136487: send_command (bthost.c:715)
by 0x13948A: bthost_set_ext_adv_enable (bthost.c:2581)
by 0x12CEBF: trigger_device_found (mgmt-tester.c:8513)
by 0x148C9A: wait_callback (tester.c:749)
by 0x48BA330: ??? (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x48B978E: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x48B9B17: ??? (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x48B9E32: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.6400.6)
by 0x14A664: mainloop_run (mainloop-glib.c:66)
by 0x14AA41: mainloop_run_with_signal (mainloop-notify.c:188)
by 0x149A7B: tester_run (tester.c:871)
Diffstat (limited to 'emulator/bthost.c')
| -rw-r--r-- | emulator/bthost.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/emulator/bthost.c b/emulator/bthost.c index f29bda06e..3b42c0664 100644 --- a/emulator/bthost.c +++ b/emulator/bthost.c @@ -2577,6 +2577,7 @@ void bthost_set_ext_adv_enable(struct bthost *bthost, uint8_t enable) send_command(bthost, BT_HCI_CMD_LE_SET_EXT_ADV_PARAMS, &cp, sizeof(cp)); + memset(&cp_enable, 0, sizeof(cp_enable)); cp_enable.enable = enable; send_command(bthost, BT_HCI_CMD_LE_SET_EXT_ADV_ENABLE, &cp_enable, sizeof(cp_enable)); |